VYPR
Unrated severityNVD Advisory· Published Dec 30, 2025· Updated Feb 6, 2026

HID: uclogic: Correct devm device reference for hidinput input_dev name

CVE-2023-54207

Description

In the Linux kernel, the following vulnerability has been resolved:

HID: uclogic: Correct devm device reference for hidinput input_dev name

Reference the HID device rather than the input device for the devm allocation of the input_dev name. Referencing the input_dev would lead to a use-after-free when the input_dev was unregistered and subsequently fires a uevent that depends on the name. At the point of firing the uevent, the name would be freed by devres management.

Use devm_kasprintf to simplify the logic for allocating memory and formatting the input_dev name string.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

73

Patches

Vulnerability mechanics

References

6

News mentions

0

No linked articles in our index yet.